Skip to main content
GitHub Docs
Version:
Enterprise Server 3.16
Search GitHub Docs
Search
Select language: current language is English
Open Search Bar
Close Search Bar
Open Menu
Open Sidebar
Secure coding
/
Getting started
/
Secure repository quickstart
Home
Secure coding
Getting started
GitHub security features
Dependabot quickstart
Secure repository quickstart
Add a security policy
Audit security alerts
Prevent data leaks
GitHub secret types
Adopt GHAS at scale
Introduction
1. Align on strategy
2. Preparation
3. Pilot programs
4. Create internal documentation
5. Rollout code scanning
6. Rollout secret scanning
Secure your organization
Introduction
About organization security
Enable security features
Create custom configuration
Apply custom configuration
Configure global settings
Manage organization security
Interpret security data
Filter repositories
Edit custom configuration
Manage paid GHAS use
Detach security configuration
Find attachment failures
Delete custom configuration
Troubleshooting configurations
Active advanced setup
Not enough GHAS licenses
Feature disappears
Secret scanning
Introduction
Secret scanning
Push protection
Supported patterns
Enable features
Enable secret scanning
Enable push protection
Manage alerts
About alerts
View alerts
Evaluate alerts
Resolve alerts
Monitor alerts
Work with secret scanning
Push protection on the command line
Push protection from the REST API
Push protection in the GitHub UI
Advanced features
Exclude folders and files
Non-provider patterns
Enable for non-provider patterns
Custom patterns
Define custom patterns
Manage custom patterns
Custom pattern metrics
Delegated bypass
About delegated bypass
Enable delegated bypass
Manage bypass requests
Troubleshoot
Troubleshoot secret scanning
Code scanning
Introduction
About code scanning
About CodeQL code scanning
Enable code scanning
Configure code scanning
Evaluate code scanning
Code scanning at scale
Create advanced setup
Configure advanced setup
Customize advanced setup
CodeQL for compiled languages
CodeQL advanced setup at scale
Hardware resources for CodeQL
Code scanning in a container
Manage alerts
About code scanning alerts
Assess alerts
Resolve alerts
Triage alerts in pull requests
Manage code scanning
Code scanning tool status
Edit default setup
Set merge protection
CodeQL query suites
View code scanning logs
C and C++ CodeQL queries
C# CodeQL queries
Go CodeQL queries
Java and Kotlin CodeQL queries
JavaScript and TypeScript queries
Python CodeQL queries
Ruby CodeQL queries
Swift CodeQL queries
Integrate with code scanning
About integration
Using code scanning with your existing CI system
Upload a SARIF file
SARIF support
Troubleshooting code scanning
Advanced Security must be enabled